Post navigation

If you are using KDE or Qt programs but not in a full KDE session (specifically, you did not run “startkde”), then as of KDE 4.6.1 you will need to tell Qt how to find KDE’s styles (Oxygen, QtCurve etc.)

KDE and Qt programs: look without oxygen theme with gnome look

KDE and Qt programs: look with oxygen theme

You just need to set the environment variable QT_PLUGIN_PATH. E.g. put

As I’ve shutdown my own server to avoid the noise, power waste, gain some space, and to stop worrying about hardware or connection failures and I’ve recently purchased and advanced NAS (Synology DiskStation) I would to explain how to securely active ssh on it.

The Synology DiskStation supports both telnet and SSH, but you should never use telnet when dealing with passwords or when you don’t want to be spied, as it is completely insecure.
Everyone should instead use SSH as it is very secure and almost the standard option.

Synology DiskStation DS211

How to enable SSH and users to login

It’s easy to enable SSH on your DiskStation by going to Control Panel > Terminal & checking the box next to Enable SSH Service.
You can now log in with your root username & password. If you need to login with any other user, you need to enable user’s home and let them use login with a shell.
To enable your user’s home, go to Control Panel -> User -> User Home -> There enable the user home service.
To enable your user’s to login with a shell, you have to edit the file /etc/passwd. Here is an example with the common contents when you have 2 users, one with a enabled shell (/bin/sh) the other without:

How to enable SSH with SSH keys

But that’s not enough. Logging in with a username and password isn’t nearly as secure as requiring SSH keys. When you use password based authentication, anyone can try to reach the port and use bruteforce to gain login credentials.
With public keys authentication, you have a private key on your computer, a public key on the SSH server (the Synology DiskStation in this case). When someone tries to log in via SSH, the server looks at the public key and asks for the corresponding private key. No private key, no login.NOTE: I’m assuming that you have already generated SSH keys. If you haven’t, you can easily find instructions on the Web.
The needed SSH daemon’s config file to allow access via keys differs from original in :
Edit /etc/ssh/sshd_config using vi, I’ve highlighted in a shortened example the changed options to harden SSH:

Save the file and restart the SSH daemon. The easier is to use the GUI/WEB login. Click on the Control Panel -> Terminal. Uncheck Enable SSH Service, apply, check it again, and press apply again.

Extra point enable root login from a shell using su. DEPRECATED

DEPRECATEDOf course we still need to have root access to Synology, anything can happen. If along any of the steps, or whatever, you have seen this error message while trying to use ‘su':‘su: must be suid to work properly

What is happening is that permissions on binary /bin/busybox are “wrong”, run this as root to fix it.

<del>chmod u+s /bin/busybox</del>

DEPRECATED

Restart ssh server from CLI

If you want to restart your ssh server from CLI, use this script. Running it in background guarantees that the command will be completed. Because when you launch it, your currrent ssh session will be lost/closed.

/usr/syno/etc.defaults/rc.d/S95sshd.sh restart &amp;

For some reason, this command is not fully restarting the server or not loading the modified config, so, a workaround in order to restart the ssh server is to restart the whole system.

Important

This adds a nice layer of security, but it also means that you’d better keep backups of your SSH keys, or you are hosed!
If you’ve fucked up and you can’t get a root shell or you need help because using vi is boring, try to look for a config file editor

Today i was trying to setup a simple ftp to recover some logs from different machines (set top boxes at work).
I wanted to use a python script to enter machines and repeat some commands, because i’ve found really useful telnet libraries, but, anyway, main topic….
My laptop at work uses ubuntu 10.04, so i installed vsftpd, but it was not so easy for ready to use using anonymous login.

After enabling a lot of anonymous options commented i found i needed to create some directory by hand to allow anonymous upload.being /srv/ftp home directory for ftp user....sudo mkdir /srv/ftp/uploads

At at last. vsftpd: refusing to run with writable anonymous root
I found out why it wasn’t going through./srv/ftp CANNOT be writable./srv/ftp/incoming CAN be writable. sudo chmod -w /srv/ftp/ and problem solved
So the root directory can’t be writable, but subdirectories within the root directory can.

Information regarding cookies

This site uses cookies to store information on your computer. Some of these cookies are essential to make our site work and others help us to improve by giving us some insight into how the site is being used. More information.